[users@httpd] Personalized message

I have a virtual host defined with "SSLVerifyClient require" and when the client does not presents a certificate the browser displays a message like this: "An error occurred during a connection to card.casnt.ro:444. SSL peer was unable to negotiate an acceptable set of security parameters. (Error

Re[2]: [users@httpd] SSL - How client certificates are verified?

g all necessary intermediate certificates to your server will help? -- With Best Regards, Marat Khalili On 26/08/15 09:31, Sterpu Victor wrote: I installed apache 2.4.16 and I have activated SSLOCSPEnable on a virtual domain but the page is not loading at all with OCSPEnabled(without OCSP is working). Th

Re[2]: [users@httpd] SSL - How client certificates are verified?

e verified? In this case, could you please post the results when you get the SSLOCSPEnable fixed? I'm particularly interested in performance. -- With Best Regards, Marat Khalili On 23/08/2015 19:57, Sterpu Victor wrote: There are 4 CAs, at least 1 uses OCSP(only 1 I called). I hope all of t

Re[2]: [users@httpd] SSL - How client certificates are verified?

;m particularly interested in performance. -- With Best Regards, Marat Khalili On 23/08/2015 19:57, Sterpu Victor wrote: There are 4 CAs, at least 1 uses OCSP(only 1 I called). I hope all of them use OCSP, I don't know the legislation but it seems normal to be required by law. -- Original Message

Re[2]: [users@httpd] SSL - How client certificates are verified?

th Best Regards, Marat Khalili On 23/08/2015 19:41, Sterpu Victor wrote: All clients already have PKCS11 tokens. It would be too complicated for them to get used with something else. -- Original Message -- From: "Marat Khalili" To: users@httpd.apache.org Sent: 8/23/2015 7:34:

Re[2]: [users@httpd] SSL - How client certificates are verified?

ke them by yourself too if needed. -- With Best Regards, Marat Khalili On 23/08/2015 18:56, Sterpu Victor wrote: I want to make a page that will authenticate only with PKCS11 tokens. These tokens contain only certificates from a recognized authority. OCSP would be usefull if the token has been dec

Re[2]: [users@httpd] SSL - How client certificates are verified?

gards, Marat Khalili On 23/08/2015 09:51, Sterpu Victor wrote: Hello I have a web page that asks for client certificate. These are the options for this: SSLVerifyClient require SSLVerifyDepth 10 How does SSLVerifyClient verifies the client certificate? This option protects against certificate

Re[2]: [users@httpd] SSL - How client certificates are verified?

gards, Marat Khalili On 23/08/2015 09:51, Sterpu Victor wrote: Hello I have a web page that asks for client certificate. These are the options for this: SSLVerifyClient require SSLVerifyDepth 10 How does SSLVerifyClient verifies the client certificate? This option protects against certificate

Re[2]: [users@httpd] SSL - How client certificates are verified?

re of the CA Is this right? Does this check includes OCSP verification? If not can this be done from apache? Thank you. -- Original Message -- From: "Mohanavelu Subramanian" To: users@httpd.apache.org; "Sterpu Victor" Sent: 8/23/2015 10:19:13 AM Subject: Re: [user

[users@httpd] SSL - How client certificates are verified?

Hello I have a web page that asks for client certificate. These are the options for this: SSLVerifyClient require SSLVerifyDepth 10 How does SSLVerifyClient verifies the client certificate? This option protects against certificates manual made with a fake public-private key pair? So can someoa

[EMAIL PROTECTED] logout authtype basic

How do I logout from a "authtype basic" directory? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] security question

Suexec dows all the job. The rights were wrong. Sterpu Victor wrote: How do I setup apache so that diffrent virtual hosts can't read one eachother files(using cgi's by example)? I know that there is a module that runs a diffrent instance of apache for every virtual host(each ins

[EMAIL PROTECTED] security question

How do I setup apache so that diffrent virtual hosts can't read one eachother files(using cgi's by example)? I know that there is a module that runs a diffrent instance of apache for every virtual host(each instance on a diffrent user). Does someoane recalls how is this module named? I tryed

Re: AW: [EMAIL PROTECTED] apache2 and suexec problem

I compiled Apache/1.3.34 with suexec. This version is working. Sterpu Victor wrote: I installed apache 2.2.0 and I have exactly the same problem. It would be useful if someoune could confirm that apache 2 does not work with suexec, so I could try a apache 1.3. Or if someoane could say that

Re: AW: [EMAIL PROTECTED] apache2 and suexec problem

is in /usr/sbin And apache is compiled with the option "SUEXEC_BIN="/usr/sbin/suexec". The command "httpd -V |grep -i suexec" prints " -D SUEXEC_BIN="/usr/sbin/suexec" I use Apache/2.0.54. Sterpu Victor wrote: I have the following configuration.

Re: AW: [EMAIL PROTECTED] apache2 and suexec problem

root:root /usr/sbin/suexec bye Oliver Von: Sterpu Victor [mailto:[EMAIL PROTECTED]] Gesendet: Mo 23.01.2006 11:35 An: users@httpd.apache.org Betreff: Re: [EMAIL PROTECTED] apache2 and suexec problem Also when I start the apache I receive the following warning

Re: [EMAIL PROTECTED] apache2 and suexec problem

It seems it is a bug(http://www.mailarchives.org/list/apache-httpd-bugs/msg/2005/02170). But I can't find no patch, and information if this problem was solved or not. Is the latest version (2.2.0) fixed? Sterpu Victor wrote: Also when I start the apache I receive the following wa

Re: [EMAIL PROTECTED] apache2 and suexec problem

uexec" prints " -D SUEXEC_BIN="/usr/sbin/suexec" I use Apache/2.0.54. Sterpu Victor wrote: I have the following configuration. DirectoryIndex index.html index.htm index.php index.php3 ServerName suexec2.ambra.ro SuexecUserGroup suexec2 suexec2 DocumentRoot /var/

[EMAIL PROTECTED] apache2 and suexec problem

I have the following configuration. DirectoryIndex index.html index.htm index.php index.php3 ServerName suexec2.ambra.ro SuexecUserGroup suexec2 suexec2 DocumentRoot /var/www/suexec2.ambra.ro Action application/x-httpd-php /cgi-bin/suexec2.ambra.ro/php-cgi ScriptAlias /suexec2c

Re: [EMAIL PROTECTED] Apache suddenly stops accepting request

Maybe you touched the maxclients limit. JM wrote: Hi, Just recently Ive experienced something new in apache It just suddenly stop on accepting request... what I did is to restart the server and everything went to normal i did check on the logs and there's no unusual entry... im u

Re: [EMAIL PROTECTED] apache version

You can instal another version. :)) Or recompile the current one. Brent Clark wrote: Hi all Would anyone please update / advise me on how I can switch off the version displayed by apache. Kind Regards Brent Clark - The off

Re: [EMAIL PROTECTED] apache suexec - cannot get docroot information

The rights were too restrictive. Sterpu Victor wrote: I use apache 1.3 with suexec and php-cgi. When I execute a php with suexec activated I receive the following message in the suexec log. "emerg: cannot get docroot information (/var/www)" Apache server is compiled with --suex

[EMAIL PROTECTED] apache suexec - cannot get docroot information

I use apache 1.3 with suexec and php-cgi. When I execute a php with suexec activated I receive the following message in the suexec log. "emerg: cannot get docroot information (/var/www)" Apache server is compiled with --suexec-docroot=/var/www Thank you. -

[EMAIL PROTECTED] apache2 suexec and php-cgi

I try to use apache-suexec. I have mandriva 10.2 with php-cgi installed. But php are not threated as cgi's. Other cgi's are working with suexec(perl). Where can I find some documentation about how to make this work? Thank you.